spring security 공부 중

spring security login 하기전 우선 메이븐에 라이브러리 2개를 추가해야함

# pom.xml 

<!-- Spring Security -->

<dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-web</artifactId> <version>${org.springframework-version}</version> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-config</artifactId> <version>${org.springframework-version}</version> </dependency>

<!— CGLib —> <dependency> <groupId>cglib</groupId> <artifactId>cglib</artifactId> <version>3.1</version> <type>jar</type> <scope>compile</scope> </dependency>

스프링 시큐리티를 사용하기 위해 아래와 같이 환경설정을 추가한다.

# web.xml

<context-param> <param-name>contextConfigLocation</param-name> <param-value> /WEB-INF/spring/root-context.xml, classpath*:com/syaku/config/security-context.xml </param-value> </context-param> <!-- spring security --> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>

<filter-name>는 springSecurityFilterChain 이름으로 해야한다. 스프링에서 의존하는 필터이기 때문이다.

다음은 스프링에 스프링 시큐리티 설정정보를 추가한다. /src/main/resources/com/syaku/config/security-context.xml 파일을 생성한다.

# security-context.xml

<?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd "> <http auto-config="true"> <intercept-url pattern="/**" access="ROLE_USER" /> </http> <authentication-manager> <authentication-provider> <user-service> <user name="guest" password="guest" authorities="ROLE_USER"/> </user-service> </authentication-provider> </authentication-manager> </beans:beans>

테스트를 위해 웹페이지에서 아래와 같이 접속을 하면 로그인 화면이 출력된다.

http://localhost:8080/security

security-context.xml 에서 설정한 계정과 암호를 입력하여 로그인한다. authentication-manager 태그를 확인하면 된다.